As a title, I am currently working on a project that requires me to connect to a third-party payment API with Google App Script. However, after all the effort, the tech support says, that I have to make a CLIENT POST, rather than a SERVER POST. Therefore it is possible to make a post request as a client using google app script. The following is the script I currently have.
function ecpay_payment()
{
var payment_Object = {payment_data:[]};
payment_Object.payment_data.push({
'ChoosePayment':'CVS',
'EncryptType':"1" ,
'ItemName':'Test',
'MerchantID':'2000132',
'MerchantTradeDate':Utilities.formatDate(new Date(), "GMT+8", "yyyy/MM/dd HH:mm:ss"),
'MerchantTradeNo':'20210809002',
'PaymentType':'aio',
'ReturnURL':'https://script.google.com/macros/s/AKfycT5khFUkTbmLJWJXP9Y6sovFRJig/exec',
'TotalAmount':500,
'TradeDesc':'WriteAwayPLUS'
})
//'CheckMacValue':macvalue,
//JSON字串化(STRING)
var payment = JSON.parse(JSON.stringify(payment_Object.payment_data[0]));
var qs ;
for(var key in payment ) {
var value = payment[key];
qs += key + "=" + value + "&";
}
payment = qs.replace('undefined', '', );
//字串加KEY
payment = "Hashkey=5294y06JbISpM5x9&" + payment + "HashIV=v77hoKGq4kWxNNIS";
console.log(payment);// Success
//文字ENCODE
var payment= encodeURIComponent(payment);
//ENCODE不同點修正
payment = payment.replace('%7e', '~', );
payment = payment.replace('%27', "'", );
payment = payment.replace('%20', "+", );
//全文轉小寫
payment = payment.toLowerCase();
//加密
Hashvalue= Sha256Hash(payment);
//密文內容轉大寫
var macvalue = Hashvalue.toUpperCase();
//密文加入JSON
var payment_json = JSON.parse(JSON.stringify(payment_Object.payment_data[0]));
payment_json.CheckMacValue = macvalue;
var options = {
'method' : 'POST',
'contentType': 'application/x-www-form-urlencoded',
'payload' : payment_json
};
var resp= UrlFetchApp.fetch("https://payment-stage.ecpay.com.tw/Cashier/AioCheckOut/V5", options);
var code = resp.getResponseCode();
if (code >= 200 && code < 300)
{
//var ret = JSON.parse(resp.getContentText("utf-8"));
console.log(resp.getContentText("utf-8"));// Success
}
else if (code == 401 || code == 403)
{
maybeAuthorized = false;
return "error";
} else
{
console.error("Backend server error (%s): %s", code.toString(),resp.getContentText("utf-8"));
return "error";
}
//console.log(t);
var tempText = t.toLowerCase();
//tempText= tempText.toLowerCase();
//console.log(tempText);
tempText= Sha256Hash(tempText);
var macvalue = tempText.toUpperCase();
console.log(macvalue);
}
function formatDate(){
//= (current_datetime)=>{
var formatted_date= new Date();
var yyyy = formatted_date.getFullYear();
var MM = (formatted_date.getMonth()+1<10 ? '0' : '')+(formatted_date.getMonth()+1);
var dd = (formatted_date.getDate()<10 ? '0' : '')+formatted_date.getDate();
var h = (formatted_date.getHours()<10 ? '0' : '')+formatted_date.getHours();
var m = (formatted_date.getMinutes()<10 ? '0' : '')+formatted_date.getMinutes();
var s = (formatted_date.getSeconds()<10 ? '0' : '')+formatted_date.getSeconds();
formatted_date= (yyyy+"/"+MM+"/"+dd+" "+h+":"+m+":"+s);
return formatted_date;
}
What is that POST supposed to accomplish? If you want to redirect the user as if they clicked a form, make a <form> and trigger the submit action on it with JavaScript or a clickable button.
If you want to stay on the current page and just do an asynchronous/XHR request from the browser (client), use the JavaScript Fetch API
If you want to communicate with that server without a browser, their support is telling you not to do that as whatever endpoint you're communicating with is not designed for that. Doing a CLIENT post requires a browser user agent (the client) to actually make the post.